Major organizations vulnerable to subdomain hijacking attacks

SecurityWeek reports that more than 1,000 organizations around the world could be subjected to subdomain hijacking attacks leveraging dangling DNS records. Dangling DNS records were exploited by Certitude Consulting researchers to take over subdomains owned by over a dozen organizations including government entities in the U.S., Canada, Australia, and the U.K., major U.S. universities, news company CNN, major insurance firm Penn Mutual, and cybersecurity company Netscout. All organizations that had their subdomains compromised have already been notified but thousands more are still at risk, with threat actors potentially utilizing the attack technique to facilitate social engineering attacks, malware intrusions, and phishing campaigns, noted the report. "In most cases, the hijacking of subdomains could be effectively and comprehensively prevented by cloud services through domain ownership verification and not immediately releasing previously used identifiers for registration," said Certitude Consulting cloud security expert Florian Schweitzer, who noted that while Microsoft has addressed such an issue in Azure Storage Accounts, other cloud providers have yet to follow suit.